In light of today’s digital transformation, cybersecurity and the protection of personal data are a major concern. bioMérieux is committed to ensuring a secure digital environment in line with ethical conduct and our company’s values.
Aligned Quality, Security and Privacy
At bioMérieux we value the confidentiality and integrity of personal data and we place cybersecurity at the heart of our business. All products and data are subject to bioMérieux’s strict privacy and security policy. Our teams of specialists constantly focus on ensuring optimal protection of all protected health and personally identifiable information (PHI & PII) in accordance with all applicable international privacy and security laws. bioMérieux products are designed to follow privacy and security standards such as HIPAA, HITECH, 21CFR part11 CLSI (AUTO11-A2), ISO, ANSSI and recent GDPR, as well as FDA, ANSM and NMPA clinical regulations and industrial integrity standards. To learn more about bioMérieux’s specific commitments regarding Data Privacy visit this dedicated page.
bioMérieux continues to monitor and implement safeguards, to reasonably protect against security incidents or privacy breaches involving a bioMérieux product. bioMérieux recognizes that an effective cybersecurity program must address the entire product lifecycle, including training, requirements, design, implementation, verification, release, risk assessment, vulnerability management, response and disposal of a product and any associated data. However, as vulnerabilities evolve and are identified, so will bioMérieux security and we consider you a partner in this process. If you have any questions or concerns, please contact a bioMérieux representative, we will investigate and address the issue as necessary.
bioMérieux is committed to providing secure products to our customers. In addition to respecting demanding quality standards during the R&D and post-marketing phases, we integrate cybersecurity and data privacy measures early on in product design, conception, manufacture, assessment, testing and validation using the following practices:
- Privacy and security by design
- Vulnerability and risk assessment
- Secure coding practices and analysis
- Access control and data governance
- Post-market vulnerability monitoring and patch management
- Security incident response
We monitor, analyze and remediate vulnerabilities affecting bioMérieux products and assist our customers to protect their activities all along bioMérieux products' lifecycle as part of our Product Vulnerability Management Program. You can follow bioMérieux's response to security events from the Security Advisories page and will also be informed about security information relevant to your context directly by your local bioMérieux support representatives.
In order to maintain the highest level of security we have valued partnerships with companies like Thales. Watch this cross interview between Patrick Lethenet, VP System Development Clinical Unit at bioMérieux and Christian Rivierre, VP systems & software engineering at Thales, to learn how our partnership helps us delivering secure products.ADVISORY
bioMérieux has assessed that the following products or product features developed or distributed by bioMérieux or its subsidiaries and determined that they are not running the impacted versions of Log4j disclosed as of the date of this Advisory: